CVE-2022-2337— Softing Secure Integration Server NULL Pointer Dereference
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-2337
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Softing Secure Integration Server NULL Pointer Dereference
Source: NVD (National Vulnerability Database)
Vulnerability Description
A crafted HTTP packet with a missing HTTP URI can create a denial-of-service condition in Softing Secure Integration Server V1.22.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
空指针解引用
Source: NVD (National Vulnerability Database)
Vulnerability Title
Softing Secure Integration Server 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Softing Secure Integration Server是德国Softing公司的一款安全集成服务器。提供强大的 OPC UA 数据集成层并支持接口抽象、聚合、数据预处理和安全监督。 Softing Secure Integration Server 存在代码问题漏洞,该漏洞源于带有缺失 HTTP URI 的 HTTP 数据包可能会造成拒绝服务。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Softing | Secure Integration Server | V1.22 | - |
II. Public POCs for CVE-2022-2337
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-2337
请登录查看更多情报信息。
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-228-04x_refsource_CONFIRM
- https://industrial.softing.com/fileadmin/psirt/downloads/syt-2022-4.htmlx_refsource_CONFIRM
- https://nvd.nist.gov/vuln/detail/CVE-2022-2337
Same Patch Batch · Softing · 2022-08-17 · 9 CVEs total
| CVE-2022-2336 | 9.8 CRITICAL | Softing Secure Integration Server Improper Authentication |
| CVE-2022-1069 | 7.5 HIGH | Softing Secure Integration Server Out-of-bounds Read |
| CVE-2022-1748 | 7.5 HIGH | Softing Secure Integration Server NULL Pointer Dereference |
| CVE-2022-2335 | 7.5 HIGH | Softing Secure Integration Server Integer Underflow |
| CVE-2022-2547 | 7.5 HIGH | Softing Secure Integration Server NULL Pointer Dereference |
| CVE-2022-1373 | 7.2 HIGH | Softing Secure Integration Server Relative Path Traversal |
| CVE-2022-2334 | 7.2 HIGH | Softing Secure Integration Server Uncontrolled Search Path Element |
| CVE-2022-2338 | 5.7 MEDIUM | Softing Secure Integration Server Cleartext Transmission of Sensitive Information |
IV. Related Vulnerabilities
Same product: Secure Integration Server
- CVE-2023-39482
Softing Secure Integration Server Hardcoded Cryptographic Ke - CVE-2023-39481
Softing Secure Integration Server Interpretation Conflict Re - CVE-2023-39480
Softing Secure Integration Server FileDirectory OPC UA Objec - CVE-2023-39479
Softing Secure Integration Server OPC UA Gateway Directory C - CVE-2023-39478
Softing Secure Integration Server Exposure of Resource to Wr
Same vendor: Softing
- CVE-2023-7339
Data collection for dowloading leads into buffer overflow - CVE-2024-14028
Multiple implicit reads in parallel can result in a crash or - CVE-2025-13406
Scanning for higher HART revision device leads into NULL poi - CVE-2025-10461
Global file reads caused by improper URL checks in webserver - CVE-2025-10685
HTTP POST with specific higher content length leads into hea
Same weakness: CWE-476
- CVE-2026-8252
Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer - CVE-2026-7259
Null pointer dereference in php_mb_check_encoding() via mb_e - CVE-2026-7262
NULL pointer dereference in SOAP apache:Map decoder with mis - CVE-2026-42183
Argo Workflows: SSO RBAC Delegation Nil Pointer Dereference - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error
V. Comments for CVE-2022-2337
No comments yet